I am developing a javascript library to perform smart card operations using the CCID protocol over chrome webusb API. Everything goes well when I plug the smart card reader on Linux and MacOS, however I get stuck on windows when I try to claim the interface.
I tried to run chrome as an administrator, disable smart card services /
CCID drivers on windows in case those were claiming the interface, but nothing does it. I keep having the
"Failed to claim interface: Access denied (insufficient permissions)"
message. Is it really a permission problem ? Or is it some windows service I am not aware of blocking the access ?

Edit: I tried on another mac, on which the reader didn't work. After removing the specific vendor id / product id from the CCID driver info.plist, I managed to make it work. So I suppose the same problem is happening on windows, a CCID driver is "blocking" the access interface. What are my alternatives ?

2 Answers
2

The insight in your edit is correct, if the CCID driver is blocking access to the device then Chrome cannot access it. In addition on Windows the operating system must know to load the WinUSB.sys driver (which comes with Windows) against the device or else any userspace application such as Chrome cannot access it. This can be accomplished using an INF file like this one or by adding Microsoft OS descriptors to the device to set the "compatible ID" to "WINUSB".

If you are building your own device the latter option is preferable as it will provide plug-and-play support for your users while the former still requires a manual installation step for Windows users.

If you are working with an existing device but have control over the Windows system then, similar to editing the Info.plist for the macOS driver, you can go into the Windows Device Manager and replace the existing driver with WinUSB.sys using an INF file like the above.

Thanks, your solution works on windows ! Unfortunately this is not viable. I was hoping webusb could solve the gap between web and smart card. Do you think an access to the CCID class driver could be implemented one day in chrome ?
– lmeunierSep 13 '17 at 12:06

There's no work I am aware of to bring a generic CCID API to the web.
– Reilly GrantSep 14 '17 at 14:48

I'm pretty new to this but as far as i can see when a native driver takes hold of your USB device, your lost and there is nothing the browser can do about it. It seems a fix could be to change the vendor or product ID (if you can do this) so no native driver will claim your device. If this is not a solution, a chrome app has much more possibilities and might be able to overcome the problem.